<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class MY_Security extends CI_Security{
    function __construct(){
        parent::__construct();
    }
    public function csrf_verify(){
        parent::csrf_verify();
    }
    public function csrf_show_error(){
        if($this->_is_ajax_request()){
            die(json_encode(array(
                'status'=>FALSE,
                'code' => 'csrf',
                'content'=>'CSRF FireWall'
            )));
        }
        parent::csrf_show_error();
    }
    private function _is_ajax_request()
    {
        return ($this->_server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
    }
    private function _server($index = '', $xss_clean = FALSE)
    {
        return $this->_fetch_from_array($_SERVER, $index, $xss_clean);
    }
    private function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
    {
        if ( ! isset($array[$index]))
        {
            return FALSE;
        }

        if ($xss_clean === TRUE)
        {
            return $this->xss_clean($array[$index]);
        }

        return $array[$index];
    }
}